From 2e8e7df185b499d633f112fdf1d07ff5eb1dbf82 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Thu, 25 Jun 2020 14:13:58 +0200 Subject: Allow to run on read only root fs In order to be able to run on read only root fs, two changes have been done: * unpack tomcat war at container creation * launch the property file configuration conditionnally If "ON_KUBERNETES" environment variable is set to "TRUE" (default is "FALSE" for backward compatibility), the proper have to be set at boot via configmap on Kubernetes for example. Changes are backward compatible and shouldn't change actual behavior per default. Issue-ID: VID-850 Signed-off-by: Sylvain Desbureaux Change-Id: I6f96e2ca55093ee899be18d6ce4c2dfd7c1a5792 --- deliveries/src/main/docker/docker-files/Dockerfile | 16 ++++++++++++++-- deliveries/src/main/scripts/localize.sh | 22 ++++++++-------------- 2 files changed, 22 insertions(+), 16 deletions(-) (limited to 'deliveries') diff --git a/deliveries/src/main/docker/docker-files/Dockerfile b/deliveries/src/main/docker/docker-files/Dockerfile index 0279750e2..1d95efa20 100755 --- a/deliveries/src/main/docker/docker-files/Dockerfile +++ b/deliveries/src/main/docker/docker-files/Dockerfile @@ -1,3 +1,10 @@ +FROM openjdk:11-jdk-slim as build + +ADD maven/artifacts/vid.war /stage/ +WORKDIR /vid +RUN jar -xf /stage/vid.war +RUN rm -f *.war + FROM tomcat:9-jdk11-openjdk-slim # add vim and uncomment alias to speedup troubleshooting purpose @@ -17,6 +24,10 @@ RUN groupadd -r $group && useradd -ms /bin/bash $user -g $group && \ mkdir /var/log/$user && \ chown -R $user:$group /var/log/$user +# Kubernetes variables +# set to TRUE (in capital) if on Kubernetes +ENV ON_KUBERNETES="FALSE" + # MariaDB variables ENV VID_MYSQL_HOST="vid-mariadb-docker-instance" \ VID_MYSQL_PORT="3306" \ @@ -97,9 +108,10 @@ ENV JAVA_OPTS="-Xmx1536m -Xms1536m" ADD maven/config/server.xml ${VID_TOMCAT_PATH} ADD maven/scripts/*.sh /tmp/vid/ -ADD maven/artifacts/vid.war /tmp/vid/stage/ - RUN chown $user:$group /tmp/vid /usr/local/tomcat -R + +COPY --chown=$user:$group --from=build /vid /usr/local/tomcat/webapps/vid/ + RUN chmod +x /tmp/vid/localize.sh USER $user CMD ["/tmp/vid/localize.sh"] diff --git a/deliveries/src/main/scripts/localize.sh b/deliveries/src/main/scripts/localize.sh index d149e3bae..e4b8c220d 100755 --- a/deliveries/src/main/scripts/localize.sh +++ b/deliveries/src/main/scripts/localize.sh @@ -13,20 +13,14 @@ createWritableLogbackConfig() { cp -f /tmp/logback.xml /tmp/vid/logback.xml } -deployWarOnTomcatManually() { - cd /usr/local/tomcat/webapps/ - mkdir vid - cd vid - jar -xf /tmp/vid/stage/vid.war -} - - -createWritableLogbackConfig -deployWarOnTomcatManually - -TEMPLATES_BASE_DIR=/usr/local/tomcat/webapps/vid/WEB-INF - -fillTemplateProperties ${TEMPLATES_BASE_DIR} +if [ "${ON_KUBERNETES}" = "TRUE" ] +then + echo "We're running on Kubernetes, preconfiguration is already handled" +else + createWritableLogbackConfig + TEMPLATES_BASE_DIR=/usr/local/tomcat/webapps/vid/WEB-INF + fillTemplateProperties ${TEMPLATES_BASE_DIR} +fi # Set CATALINA_OPTS if not defined previously # Enables late-evaluation of env variables, such as VID_KEYSTORE_PASSWORD -- cgit 1.2.3-korg